The cybersecurity team can be a challenging one for organizations to keep engaged and happy. Talent is scarce, turnover and burnout rates are high. That’s why employers have to keep existing teams engaged in their profession, and current on the latest threats and defenses.
To accomplish this, every organization needs a formal, standards-based cybersecurity training and education program for the employees responsible for securing their critical assets.
What are the key components of a training program? Whatever an organization’s unique circumstances, three major tenets must guide any training effort:
Security is an obligation, not an option.
Evolving technology and constantly changing threat landscapes require a long-term, agile commitment to security.
Skills development should be measured for effectiveness.
Who should conduct training?
Corporate training is often led by Human Resources. But cybersecurity is a very specialized, dynamic discipline, requiring a focused, expert-led approach. If HR is in charge of training as a function, cybersecurity or IT leadership must be engaged and remain involved in cybersecurity training by assuming the responsibility of creating a curriculum that maps to its needs.
HR and cybersecurity/IT teams should decide together what areas of training and assessments are needed, as well as which cybersecurity team members should be trained and certified, at which point in their tenure, and for what applicable skill or domain.
What should the curriculum look like?
Developing a cybersecurity education curriculum requires that you start with a thorough assessment, which will uncover any needs that an organization may not have recognized yet.
An assessment should cover elements including which systems, platforms and applications are in plac ..
Support the originator by clicking the read the rest link below.
